PCI Free Blog

Hacking by Remote Access: Malicious Software

The Payment Card Industry Data Security Standard (PCI DSS) and its precepts are meant to protect your business as well as the integrity of the entire payment card industry. If your business operations rely on a local area network (LAN), becoming PCI compliant will address and solve most of your inherent firewall and remote access vulnerabilities. Maintaining PCI compliance for your business means you have scheduled inspections and scans. It means you have a strategy and procedures in place to update and upgrade virus protection and security software. But the fact that your network isn’t completely isolated or sealed off from remote access means that you can never let your guard down. The self-assessment questionnaires (SAQs) produced by the Payment Card Industry Security Standards Council (PCI SSC) are meant to be a dynamic and evolving set of guidelines that will change and adapt to as yet unseen threats beyond the horizon.

At the time of this blog, computer hackers and criminals have a truly vast catalogue of malicious software, or malware, tools that can be used to compromise the integrity of your computer network. Some malware is created for the purpose of damaging key systems, deleting important files or inserting viruses that can contaminate your entire system. One type of malware popular amongst hackers is called a packet sniffer. Packet sniffers (also known as network analyzers) intercept and translate a data stream or block of data (known as a “packet” in computer geek vernacular) as it traverses a network. Hackers can use the software for specific purposes such as collecting user names, passwords and other sensitive information.

For more information about the types of methods used by hackers and computer criminals, use the strategies outlined in the PCI DSS and maintain your business’s PCI compliance. See our home page for information on how your business can be PCI compliant for free.
